Some background: Identity Server is a powerful, fully customizable authentication and authorization solution. I have been using it in my projects for the last two years. It is a cool system and works out of the box most of the time; however, in some scenarios it can cause a lot of trouble.
The official example can be found here: Adding Apis. It's a good working example if you are setting up Identity Server from scratch. However, in my case, I have to migrate existing endpoints from another application to an existing Identity Server, which gives me no option to run the seeding data procedure(?).
To enable token validation for local API we just need to add the following to
That was the easy part, now let's see what the tricky part is:
The LocalApi scheme uses the IdentityServerApi scope. It is not added by default and needs to be added manually in my case.
- Create the API Resource for your local API
INSERT [dbo].[ApiResources] ([Enabled], [Name], [DisplayName], [Created], [NonEditable]) VALUES (1, 'apiAuth', 'Auth API', GETDATE(), 0)
- Create new API scope
INSERT [dbo].[ApiScopes] ([Name], [DisplayName], [Description], [Required], [Emphasize], [ShowInDiscoveryDocument], [ApiResourceId]) VALUES ('IdentityServerApi', 'Auth API', null, 0, 0, 1, <here comes the id from #1>)
- Add IdentityServerApi to client scopes:
INSERT [dbo].[ClientScopes] ([Scope], [ClientId]) VALUES ('IdentityServerApi', <clientId assuming you have one>)
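
The three steps above combined into one T-SQL script that carries the new resource id forward and can be re-run safely. This is an added example, not the author's gist; it assumes `Id` is an IDENTITY column on each table, that the client row is found through `[dbo].[Clients].[ClientId]`, and `'my.client'` is a placeholder for your own client.

```sql
-- Added example: steps 1-3 as one idempotent transaction (SQL Server).
-- Assumptions: [Id] is an IDENTITY primary key on each table, and
-- 'my.client' is a placeholder for the client that calls the local API.
SET XACT_ABORT ON;
BEGIN TRANSACTION;

DECLARE @ApiResourceId INT, @ClientPk INT;

-- 1. API resource for the local API (reuse the row if it already exists)
SELECT @ApiResourceId = [Id] FROM [dbo].[ApiResources] WHERE [Name] = 'apiAuth';
IF @ApiResourceId IS NULL
BEGIN
    INSERT [dbo].[ApiResources] ([Enabled], [Name], [DisplayName], [Created], [NonEditable])
    VALUES (1, 'apiAuth', 'Auth API', GETDATE(), 0);
    SET @ApiResourceId = SCOPE_IDENTITY();  -- the "id from #1"
END

-- 2. The IdentityServerApi scope, linked to the resource from step 1
IF NOT EXISTS (SELECT 1 FROM [dbo].[ApiScopes] WHERE [Name] = 'IdentityServerApi')
    INSERT [dbo].[ApiScopes] ([Name], [DisplayName], [Description], [Required],
                              [Emphasize], [ShowInDiscoveryDocument], [ApiResourceId])
    VALUES ('IdentityServerApi', 'Auth API', NULL, 0, 0, 1, @ApiResourceId);

-- 3. Grant the scope to a single client; stop if that client does not exist
SELECT @ClientPk = [Id] FROM [dbo].[Clients] WHERE [ClientId] = 'my.client';
IF @ClientPk IS NULL
BEGIN
    ROLLBACK TRANSACTION;
    THROW 50001, 'Client not found; nothing was changed.', 1;
END

IF NOT EXISTS (SELECT 1 FROM [dbo].[ClientScopes]
               WHERE [Scope] = 'IdentityServerApi' AND [ClientId] = @ClientPk)
    INSERT [dbo].[ClientScopes] ([Scope], [ClientId])
    VALUES ('IdentityServerApi', @ClientPk);

COMMIT TRANSACTION;

-- Check: every client that can now request tokens for the local API
SELECT c.[ClientId], cs.[Scope]
FROM [dbo].[ClientScopes] AS cs
JOIN [dbo].[Clients] AS c ON c.[Id] = cs.[ClientId]
WHERE cs.[Scope] = 'IdentityServerApi';
```

The final query is worth keeping as a periodic review: only clients that actually call the local API should appear in its result.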